aptitude update, apt-get update, apt update do the same job. Then what is the difference between them? We explained the basic of Advanced Packaging Tool (apt) and aptitude in the linked old article. Let us first discuss aptitude and apt-get. aptitude, apt-get and apt are front ends to dpkg. aptitude provides a terminal menu interface whereas apt-get does not. Using aptitude TUI as a normal user … [Read more...]
Linux
Linux or more correctly GNU/Linux refers to the family of free UNIX-like computer operating systems using the Linux kernel. GNU/Linux can be installed on a wide variety of computer hardware.
Optionsbleed (CVE-2017-9798) : Apache Web Server Memory Leak Bug
Possibly most of the users are already aware, yet we may have our readers who are yet not aware of Optionsbleed. Optionsbleed (CVE-2017-9798) is a minor bug of Apache Web Server which may reveal password like data. Users are advised to update to patch. The bug was identified by a freelance journalist H. Böck in 2014 but has only received importance these days and in a dedicated update it has been … [Read more...]
How To Install Metasploit on Ubuntu 16.04 LTS To Test Security
White hat or Black hat, hacking demands good grasp of all sysadmin works. The usage style we show on this website are intended for testing security of own servers - that is white hat way. We have a list of essential security tools for GNU/Linux servers. Metasploit framework needs Ruby, Postgre SQL, Java etc. Here is how to install Metasploit on Ubuntu 16.04 LTS to test security of servers. Off … [Read more...]
Fail2Ban Log Analysis Bash Script For Report Generation
Previously we gave some complicated commands to our readers who use Fail2Ban and needs some checking. Other way was using BadIPs for creation of graph. Fail2Ban log analysis bash script is for report generation as list of attacker IPs, banned, unbanned, password attempts sorted by date, country. We written this easy script using various commands and we think it is useful to any sysadmin to quickly … [Read more...]
Installing GeoIP Module On Apache2, Ubuntu 16.04
We did it before but for Nginx (you can look - Installing GeoIP On Nginx). We need this to use GoAcesss log analyzer like tools, Piwik etc. WordPress like modern CMS use PHP based function and needs no server side work. Installing GeoIP Module On Apache2, Ubuntu 16.04 Needs Some Manual Steps After Running Installation Command. Sample PHP file supplied to test. Installing GeoIP … [Read more...]
How To Configure OCSP Stapling On Apache 2.4+
Previously we talked about OCSP, OCSP Stapling and OCSP Stapling on Nginx. Now, we will configure OCSP Stapling In Apache 2.4 It is important to avoid some settings of OCSP Stapling on a production website as it can give errors like OCSP Response Expired or just in case of Nginx 502. Here is how to configure OCSP Stapling on Apache 2.4+ with full configuration. These are among TLS optimisazion. In … [Read more...]
How To Perform Security Audits On Ubuntu 16.04 (With Lynis)
Security audit in our case is am automatic technical assessment of our server and web applications in the context of security by performing security vulnerability scans, reviewing application and operating system access controls some softwares or scripts. At the ens, we will gather a software generated audit report. Here is how to perform security audits on Ubuntu 16.04 with Lynis and other tools … [Read more...]
Install, Configure Advanced Policy Firewall (AFP) On Ubuntu 16.04
If you are a new user, you should not follow this guide for production sever but follow our basic server setup guide and IPTables guide to configure your firewall. New users can follow this guide with test/development servers. Advanced Policy Firewall is an iptables based firewall. Here is how to install, configure Advanced Policy Firewall (AFP) on Ubuntu 16.04. It is essentially an interface to … [Read more...]
Ubuntu 16.04 Apache2 HTTP/2, HSTS : Steps + Configuration
As we said before - we are no longer supporting to install, configure Nginx but we are back to support Apache2 mainly for their odd idea to involve community to develop modules for free and distribute with paid product. Additionally, Nginx 502 error is a nightmare. Apache2 at current cost of web hosting not exactly bad. Here is a full working guided steps to setup Ubuntu 16.04 Apache2 HTTP/2, HSTS … [Read more...]
How To Install, Configure & Run Malware Detect (maldet) On Linux Server
Previously, we talked about a bunch of anti malware for GNU/Linux servers. That list essentially was for the purpose of our future guides around those softwares. Here is a step by step complete guide on how to install, configure & run malware detect (maldet) on linux server with Ubuntu server commands as example. Reader needs not much experience to get used and work. Again - Linux Malware … [Read more...]
List Of Anti Malware For GNU/Linux Server
We noticed that we need to deliver guides around some known things which are possibly not known to the new users. Somehow, many we missed talking about them since the year 2010. Anti Malware is not a fully correct phrase for Linux but the meaning is obvious. Here is a usable list of Anti-malware for GNU/Linux server. Malware is a program that aims to disrupt the normal operation of a server. … [Read more...]